From ${URL} : Description A vulnerability has been reported in Dovecot, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling a terminated client connection during the "LIST" command processing and can be exploited to cause a crash. The vulnerability is reported in versions prior to 2.2.5. Solution: Update to version 2.2.5. Provided and/or discovered by: Reported by the vendor. Original Advisory: http://www.dovecot.org/list/dovecot-news/2013-August/000261.html @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
@security: Please stabilize =net-mail/dovecot-2.2.5. Thank you.
(In reply to Eray Aslan from comment #1) > @security: Please stabilize =net-mail/dovecot-2.2.5. Thank you. Arches do stabilization, not security. Arches, please test and mark stable: =net-mail/dovecot-2.2.5 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
As per http://www.openwall.com/lists/oss-security/2013/08/14/6 is not a security bug, but we can stabilize to address the issue.
amd64 stable
x86 stable
arm stable
ppc stable
ia64 stable
alpha stable
ppc64 stable
sparc stable
SH is not anymore a stable arch, removing it from the cc list
S390 is not anymore a stable arch, removing it from the cc list
